Role Management Policy Permissions for Microsoft Graph

Application

Permission	ID	Purpose	Description
RoleManagementPolicy.Read.Directory	fdc4c997-9942-4479-bfcb-75a36d1138df	Read all policies for privileged role assignments of your company’s directory	Allows the app to read policies for privileged role-based access control (RBAC) assignments of your company’s directory, without a signed-in user.
RoleManagementPolicy.ReadWrite.Directory	31e08e0a-d3f7-4ca2-ac39-7343fb83e8ad	Read, update, and delete all policies for privileged role assignments of your company’s directory	Allows the app to read, update, and delete policies for privileged role-based access control (RBAC) assignments of your company’s directory, without a signed-in user.

Delegated

Permission	ID	Purpose	Description
RoleManagementPolicy.Read.Directory	3de2cdbe-0ff5-47d5-bdee-7f45b4749ead	Read all policies for privileged role assignments of your company’s directory	Allows the app to read policies for privileged role-based access control (RBAC) assignments of your company’s directory, on behalf of the signed-in user.
RoleManagementPolicy.ReadWrite.Directory	1ff1be21-34eb-448c-9ac9-ce1f506b2a68	Read, update, and delete all policies for privileged role assignments of your company’s directory	Allows the app to read, update, and delete policies for privileged role-based access control (RBAC) assignments of your company’s directory, on behalf of the signed-in user.